Hultquist said the attacks show effective defences include not just perimeter efforts, but multilayered security zoning with ongoing automated analysis of the implementation of those zones, to be sure the network reflects best practice.

“Being able to clearly see your network, its defences and the possible paths through it are a critical aspect of your enterprise defense efforts,” he said.

Symantec said Dragonfly had used a variety of techniques to compromise computers, to give it the “capability to mount sabotage operations that could have disrupted energy supplies across a number of European countries”.

Dragonfly used Trojan malware Backdoor.Oldrea to gather system information, including the computers' Outlook address book and a list of files and programs installed; and Trojan.Karagany to upload stolen data, download new files and run them on infected computers.

Symantec said Dragonfly "bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability".

Industrial control systems

Researchers at Kaspersky Lab expect ICS attacks to increase, because industrial networks offer an easier way in to the more heavily protected corporate IT systems.

Eric Chiu, president and co-founder of cloud security firm HyTrust, said cyber attacks are on the rise – from nation-sponsored attacks and industrial espionage to cyber criminals out to steal personal data.

“Nobody – corporations, government agencies or energy companies – is immune, and security needs to be a top priority, rather than an afterthought or insurance plan,” he said.

Chiu said attackers are getting more sophisticated in how they steal credentials and gain access to corporate networks.

“Given this trend, all companies and government organisations should protect their data and networks from the inside-out, assuming the bad guy is already on the network,” he said.

“With that assumption in mind, critical systems should be protected using access controls, role-based monitoring and data encryption,” Chiu added.

2 comments

And what did Symantec expect to find...? We have an aged creaky system with an ad hoc hookup to the web, giving hackers easy access to everything that keeps the power grid operating.

I'm not quite sure who could have been so shortsighted to skip updating the grid and all its underpinnings. Yet, like so much else left to decay all across America, every time the grid crashes, it's patched back together, still vulnerable to the next overload, to the next hack. This will not end well unless something is done far sooner than later.